Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HMiVsyIJbX-NaJeEZhjQAKoEJzk.roa
File: HMiVsyIJbX-NaJeEZhjQAKoEJzk.roa (raw, json)
Hash identifier: 4FyxaCTULoiroxdgXdQWtAzIwiEDh735leDqZo2fqpY=
Subject key identifier: 1C:C8:95:B3:22:09:6D:7F:8D:68:97:84:66:18:D0:00:AA:04:27:39
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BDE3E8636DE1DB908DFF678BCAD9AEE5E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HMiVsyIJbX-NaJeEZhjQAKoEJzk.roa
Signing time: Fri 17 Nov 2023 17:05:21 +0000
ROA not before: Fri 17 Nov 2023 17:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18b:de3d:cb42/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:3e:86:36:de:1d:b9:08:df:f6:78:bc:ad:9a:ee:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 17 17:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cc895b322096d7f8d6897846618d000aa042739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7a:87:05:0d:97:eb:bd:7f:6c:54:18:da:10:
3d:1a:5b:aa:5b:5f:39:7a:63:0e:2a:3c:1d:3c:04:
19:1b:99:05:84:39:91:55:16:eb:5e:89:d7:9d:73:
86:65:76:a2:d8:3f:5c:2f:4b:ce:b4:ad:13:6f:b3:
44:cb:5f:8a:60:76:0d:00:9b:44:55:1d:4a:cf:87:
0a:ee:77:57:41:a0:35:42:2e:60:13:b5:cc:bb:2d:
f1:c7:52:76:89:6d:9d:f3:e0:d9:94:51:a4:8e:a5:
47:40:af:9b:b2:08:74:0b:80:cb:48:be:ec:a3:88:
f1:94:00:34:f3:21:2a:98:d6:d2:75:d3:a9:65:a5:
2f:99:7c:a0:a9:fd:5d:bf:92:b7:52:8c:6a:c0:41:
51:32:6e:79:5d:c9:f6:da:34:42:fc:3a:80:23:b2:
84:40:06:fe:37:a1:e0:1d:4a:eb:6f:93:c8:ee:45:
50:7b:e4:b5:04:1b:3f:e1:ed:74:d4:dc:4a:ab:c5:
a3:63:34:4a:8c:9e:ec:4d:d2:15:11:46:02:93:a3:
ba:09:ce:ed:ce:f8:6a:2d:b4:09:3c:14:81:72:29:
3a:36:33:9e:b5:78:50:89:fa:ae:5f:61:5f:1a:69:
db:ae:c9:d4:80:58:3e:67:43:38:d4:b9:7f:1a:03:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C8:95:B3:22:09:6D:7F:8D:68:97:84:66:18:D0:00:AA:04:27:39
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HMiVsyIJbX-NaJeEZhjQAKoEJzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:ae:91:d7:4a:25:6a:6f:96:57:a9:8b:82:2d:08:21:c2:a4:
28:b5:cc:5f:b6:d2:cf:ab:fb:a8:e6:49:2b:e1:2d:10:c0:26:
3d:26:1b:76:04:01:4b:52:b9:9d:04:ef:26:7d:51:d4:e8:3e:
59:50:b9:a4:ed:b1:e1:e4:83:80:13:e2:3a:4b:19:3c:86:fb:
ce:15:cf:a4:35:00:50:6c:c2:a5:23:df:8f:c0:86:ef:bc:be:
d7:0a:c3:3e:7b:44:f5:a2:b6:bd:19:ec:5c:43:29:01:fe:e8:
8f:25:a9:bf:5a:25:55:c3:62:5d:d1:9a:d1:00:b6:5f:a1:fa:
f6:e1:75:1d:55:7d:dd:c0:4b:38:68:af:d6:df:9a:95:cf:10:
33:b6:6f:f5:8e:c4:6c:d4:29:69:91:fd:12:f4:eb:8f:b1:41:
93:a9:da:9e:ab:0d:a5:0e:24:f8:59:73:19:23:2a:dd:b2:44:
1b:a1:b3:c3:18:c7:6f:d7:37:4a:79:49:b1:17:c5:b2:cd:67:
9c:68:26:2a:64:23:58:a8:b9:d0:53:4b:75:c1:83:d3:4f:ab:
9b:1a:80:a9:29:05:ef:32:08:ab:08:d2:ba:3f:fc:43:13:43:
eb:c9:7a:45:c7:1f:b3:0a:57:81:47:c9:fb:89:89:21:9c:3f:
9b:83:70:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvePoY23h25CN/2eLytmu5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE3MTcwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M4OTViMzIyMDk2ZDdmOGQ2ODk3ODQ2NjE4ZDAwMGFhMDQyNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinqHBQ2X671/bFQY2hA9GluqW185
emMOKjwdPAQZG5kFhDmRVRbrXonXnXOGZXai2D9cL0vOtK0Tb7NEy1+KYHYNAJtE
VR1Kz4cK7ndXQaA1Qi5gE7XMuy3xx1J2iW2d8+DZlFGkjqVHQK+bsgh0C4DLSL7s
o4jxlAA08yEqmNbSddOpZaUvmXygqf1dv5K3UoxqwEFRMm55Xcn22jRC/DqAI7KE
QAb+N6HgHUrrb5PI7kVQe+S1BBs/4e101NxKq8WjYzRKjJ7sTdIVEUYCk6O6Cc7t
zvhqLbQJPBSBcik6NjOetXhQifquX2FfGmnbrsnUgFg+Z0M41Ll/GgO9qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBzIlbMiCW1/jWiXhGYY0ACqBCc5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSE1pVnN5SUpiWC1OYUplRVpoalFBS29FSnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAImukddKJWpvllepi4It
CCHCpCi1zF+20s+r+6jmSSvhLRDAJj0mG3YEAUtSuZ0E7yZ9UdToPllQuaTtseHk
g4AT4jpLGTyG+84Vz6Q1AFBswqUj34/Ahu+8vtcKwz57RPWitr0Z7FxDKQH+6I8l
qb9aJVXDYl3RmtEAtl+h+vbhdR1Vfd3ASzhor9bfmpXPEDO2b/WOxGzUKWmR/RL0
64+xQZOp2p6rDaUOJPhZcxkjKt2yRBuhs8MYx2/XN0p5SbEXxbLNZ5xoJipkI1io
udBTS3XBg9NPq5sagKkpBe8yCKsI0ro//EMTQ+vJekXHH7MKV4FHyfuJiSGcP5uD
cJQ=
-----END CERTIFICATE-----
Generated at Thu Jun 19 13:10:04 2025 by rpki-client